Methods and systems for biometric verification

ABSTRACT

Methods, systems and apparatus for verifying a cardholder during a transaction involving a payment device and a terminal are provided. In some embodiments, the payment device transmits a first biometric information template to a terminal, receives a first sample template, determines that a match occurs between the first sample template and a first biometric reference template, and determines that a verification sequence applies to the transaction requiring satisfaction of a second biometric rule. In an implementation, the payment device then transmits a second biometric information template, receives a second sample template, determines that a match occurs between the second sample template and a second biometric reference template, and transmits a verification status of the cardholder.

CROSS-REFERENCE TO RELATED APPLICATION

This application claims the benefit of U.S. patent application Ser. No.12/340,990 filed on Dec. 22, 2008, which is incorporated herein byreference.

BACKGROUND

The use of biometric techniques to authenticate payment transactions andverify the identity of payment device holders is increasing. Biometrictechniques that are promoted for this use include voice, fingerprint,iris, vein pattern and other scans. Currently, the type of biometric tobe captured for a given transaction is determined by the biometricterminal in use at a transaction location. Further, the transactionterminal also controls what steps are to be taken in the event of anauthentication failure. Payment device issuers have little (if any)control over the authentication process to be used.

It would be desirable to allow payment (or other information carrying)device issuers to have greater control over the biometric authenticationprocess. It would further be desirable to allow issuers to control thetype and level of biometric authentication required for transactions,and how verification failures are to be handled.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram depicting a system configured pursuant to someembodiments.

FIG. 2 is a block diagram depicting a transaction device configuredpursuant to some embodiments.

FIG. 3 is a block diagram depicting a transaction system configuredpursuant to some embodiments.

FIG. 4 is a flow diagram depicting a verification process pursuant tosome embodiments.

DETAILED DESCRIPTION

Embodiments of the present invention relate to systems, methods,processes, computer program code, and means for biometric verification.Pursuant to some embodiments, a biometric verification rules table isstored on a transaction device (such as a payment card or otherinformation device having an integrated circuit chip and memory). Thebiometric verification rules table is created by an issuer of the device(or an agent of the issuer) and is stored on the transaction device in apersonalization process or by updating a memory of the transactiondevice. The biometric verification rules table specifies the level (andtype) of biometric authentication required by transactions involving thetransaction device. Pursuant to some embodiments, biometricauthentication may be controlled and carried out in off-linetransactions (e.g., without need for a terminal which is in remotecommunication with the issuer).

In some embodiments, a reader is operated to verify the identity of acardholder during a transaction, including receiving a biometricinformation template from the transaction device, prompting thecardholder to present a required biometric feature for reading by thereader, the required biometric feature determined based on informationin the biometric information template, reading the required biometricfeature to create a sample set of biometric data, transmitting thesample set of biometric data to the transaction device, and receiving aresponse from the transaction device, the response including at leastone of a success code, a further biometric information template, and afailure code.

Embodiments of the present invention allow an issuer of a transactiondevice to specify the level of biometric authentication required, aswell as to define alternative biometric and other authentication stepsin the event of authentication failure. Further, pursuant to someembodiments, issuers may enforce multiple biometric verificationrequirements as part of a single transaction. The result is a systemwhich puts control of the authentication process in the hand of theissuer and which ensures that biometric authentication may be used inlocations (and for transactions) where the communications infrastructureis unreliable or unavailable.

A number of terms are used herein to describe features of someembodiments of the present invention. For example, as used herein, theterm “transaction device” is used to refer to a portable device whichincludes one or more integrated circuit (“IC”) chips and which storesinformation (such as payment information, personal information, or thelike) that may be used in conjunction with transactions (such as paymenttransactions). Pursuant to some embodiments, a “transaction device” maybe a contact or a contactless device capable of communication with areader device using wireless communication techniques. For example, atransaction device may be an information-carrying device that iscompliant with one or more of: ISO/IEC 14443 Standard, ISO/IEC 18000standard, the NFC standards including ISO/IEC 18092/ECMA 340 and ISO/IEC21481/ECMA 352, and other standards such as the EMV standards (availableat www.emvco.com) and the “PayPass” standards promulgated by MasterCardInternational Incorporated.

For illustration, and to describe features of some embodiments, aparticular transaction device will be used as an example herein—apayment device compliant with the ISO/IEC 14443 Standard, the EMVstandards, and the “PayPass” standards (e.g., a contactless payment cardwill be used as an illustrative example of a particular “transactiondevice” throughout this disclosure). Those skilled in the art willappreciate, upon reading the present disclosure, that similar techniquesmay be used for other transaction devices.

As used herein, the term “issuer” is used to refer to an entity (or anagent of the entity) that “issues” or distributes transaction devicesconfigured pursuant to embodiments of the present invention. Forexample, in the context of a transaction device used for paymenttransactions, the issuer may be the financial institution that holds apayment account associated with the transaction device and that holds anaccount relationship with the customer (referred to herein as a“cardholder”) the transaction device was issued to. In general,“issuers” are concerned with ensuring that the identities of cardholdersare properly verified during transactions involving their transactioncards. Embodiments of the present invention allow issuers to control thebiometric techniques used to verify cardholders during transactionsinvolving devices issued by the issuer.

As used herein, the term “biometric” or “biometrics” is used to refer toscans or digital representations (or “samples”) of physical featuresassociated with a cardholder that are to be verified during atransaction. The physical features can include voice, fingerprint, iris,vein pattern or the like. As used herein, feature data from a biometricsample may be extracted to select features of interest. Extractedbiometric feature data is referred to herein as a “template”.

As used herein, the term “cardholder verification method” (or “CVM”) isused to refer to a selected method to verify a cardholder during atransaction involving a transaction device configured pursuant toembodiments of the present invention. A CVM may be, for example, abiometric verification, password verification, or the like.

Features of embodiments of the present invention will now be describedby first referring to FIG. 1, which is a block diagram depicting asystem 100 configured pursuant to some embodiments.

As shown in FIG. 1 a system 100 includes a transaction device 102 incommunication with a terminal 104. The terminal 104 includes a biometricreader 106. The transaction device 102 may be any of a number ofdifferent types of portable devices having one or more IC chips whichare configured to support biometric verification pursuant to the presentinvention. For the purpose of illustrating features of the presentinvention, the transaction device 102 will be described as a contactlesspayment card which is configured to operate in accordance with the EMVspecifications as well as the PayPass specifications introduced above.The terminal 104 is, for example, a point of sale terminal configured tooperate in accordance with the EMV specifications and may include acontactless reader configured to interact with transaction device 102.Pursuant to some embodiments, the terminal 104 need not be in constantcommunication with a remote processing center; instead, pursuant to someembodiments, the terminal 104 may interact with the transaction device102 in an “off line” manner as will be described herein. Those skilledin the art will appreciate that terminals which are in communicationwith a remote processing center during all (or part of) a transaction(e.g., are “online” transactions) may also be used pursuant to thepresent invention.

According to some embodiments, a cardholder may present the transactiondevice 102 to the terminal 104 to conduct a transaction (such as apayment transaction). In many situations, an issuer of the transactiondevice 102 may wish to enforce one or more cardholder verification rulesto ensure that the person presenting the transaction device 102 in thetransaction is an authorized holder of the transaction device. Inprevious systems, cardholder verification was performed using personalidentification numbers (or “PINs”) or other methods. It is desirable, insome situations, to require that a biometric feature of the cardholderbe verified to prior to conducting certain transactions. Embodiments ofthe present invention allow biometric verification to be performed in amanner specified by an issuer of the transaction device 102.

While further details regarding the biometric verification will beprovided below, a brief overview will illustrate certain features of thepresent invention. In a typical transaction pursuant to the presentinvention, a person presents transaction device 102 at terminal 104 toconduct a transaction. The terminal 104 and the transaction device 102interact with an initial communications handshake in which thetransaction device 102 and the terminal 104 establish a communicationssession. The exact nature of the communications handshake may varydepending on the communications standard used (e.g., the communicationshandshake may follow the communications protocol established by the EMVspecifications, for example).

Once communication has been established, and the terminal 104 andtransaction device 102 identify each other as supporting biometricverification processing, the terminal 104 requests a biometricinformation template (or “BIT”) from the transaction device 102. Thetransaction device 102 returns a BIT, and the terminal 104 uses thedetails in the BIT to prompt the cardholder to present a requiredbiometric feature to the biometric reader 106 for reading (e.g., if theBIT specifies that the cardholder's fingerprint from their right indexfinger be obtained, the terminal 104 prompts the cardholder to presenthis or her right index finger to a the biometric reader 106 forscanning). The terminal 104 obtains and processes the sample to create atemplate (as will be described further below) and returns the sample tothe transaction device 102. The transaction device 102 compares thereceived sample with a stored template. If the biometric sample matchesthe stored template, a success message may be returned to the terminalindicating that the cardholder has been successfully verified. Thetransaction may then be completed as normal (e.g., a payment transactionmay be completed, following the normal authorization rules of thepayment system).

Pursuant to some embodiments, as will be described further below, theverification may require the capture of additional biometric informationas defined by the issuer of the transaction device 102. Pursuant toembodiments of the present invention, issuers are able to specify theverification sequence by storing verification rules in the transactiondevice 102. The transaction device 102 follows the rules and isresponsible for issuing a verification success or failure message uponcompletion of those rules. The result is a system and method that allowsissuers to control the cardholder verification process even insituations where the transaction device 102 is used in off-lineenvironments (e.g., where the terminal 104 is not in communication withthe issuer or other processing center). Unlike previous biometricverification systems, the verification process and success/failurecriteria is controlled by rules in the transaction device 102, not byrules and criteria stored in the terminal device 104 or remoteprocessing centers.

Reference is now made to FIG. 2 which is a block diagram depicting atransaction device 200 (such as the transaction device 102 of FIG. 1)configured pursuant to some embodiments. In some embodiments,transaction device 200 may be formed as a card-shaped device (e.g., suchas a credit card size device compliant with ISO Standard 7816). Thedevice may be formed in other shapes as well. For example, the devicemay be shaped as a small format card and inserted in a mobile telephoneor other device.

Pursuant to some embodiments, the transaction device 200 has one or moreIC chips 202 embedded therein. The IC chip 202 includes a processorportion 208, an I/O portion 206, and one or more memory portions 210.The I/O portion 206 may include a plurality of electrical contacts (inthe case where the transaction device 200 communicates with terminalsvia contacts) and/or one or more antennas (in the case where thetransaction device 200 communicates with terminals via radio frequencycommunication). In some embodiments, a transaction device 200 may haveboth contactless and contact communication capabilities and may includeboth a plurality of contacts and one or more antennas. Those skilled inthe art will recognize that IC chip 202 may include other components(not shown) such as control logic, timers or the like as is known in theart.

The memory portion 210 may include different forms or types of memory,including, for example, read-only memory, non-volatile memory andprogrammable memory as is known in the art. As shown, the memory portion210 stores a number of data items for use in performing biometricverification pursuant to some embodiments. Those skilled in the art willappreciate that the memory portion 210 may store additional dataelements and applications (not shown) to enable the transaction device200 to interact with terminal devices and to perform transactions.

As shown, the memory portion 210 stores application data 212, one ormore biometric rules tables 214, one or more biometric referencetemplates (“BRTs”) 216, and one or more biometric information templates(“BITs”) 218. The application data 212 includes program instructionsthat, when executed by the processor 208, cause the processor to executea biometric verification process pursuant to embodiments of the presentinvention.

The biometric rules tables 214 stores data (e.g., loaded into the memoryby an issuer of the transaction device 200) used to control thebiometric verification of the cardholder. For example, the biometricrules table 214 may include the following data: a field containing oneor more biometric rule numbers (uniquely identifying each biometric ruleassociated with the transaction device and the cardholder), a fieldcontaining one or more BIT reference numbers (each referring to aparticular biometric information template stored in the memory), a fieldcontaining data identifying an action (or actions) to be taken shouldthe biometric verification be successful (e.g., the data may specifyeither that an additional biometric rule number be processed, or thatthe cardholder is successfully verified), a field containing dataidentifying an action (or actions) to be taken should the biometricverification fail (e.g., the data may specify that another rule beprocessed or that the verification transaction be failed), and a fieldcontaining data identifying a number of retries that may be attemptedshould the verification fail.

Each of these data elements are used in conjunction with the application212 to perform biometric verification processing pursuant to embodimentsof the present invention. Examples of verification rules will beprovided further below in conjunction with a description of FIG. 4. Ingeneral, the biometric verification rules table 210 and related data areused to allow issuers of a transaction device 200 to control theauthentication process during a transaction involving the transactiondevice 200.

For example, use of the biometric verification rules table allows theissuer to control, using rules stored in the transaction device 200, howmany retries to allow for each biometric sample (e.g. the card holdercould be allowed to submit their left index fingerprint up to threetimes within a transaction), what to do in the event of a successfulverification (e.g., the issuer could decide to approve the transaction,or the issuer could decide that more biometric samples are required, forexample, the issuer may decide that the card holder needs tosuccessfully submit their left index fingerprint and their right indexfingerprint before the transaction is approved), and what to do in theevent of a failed verification (e.g., the issuer could deny thetransaction, or the issuer could allow the card holder to submit analternative biometric. For example, the issuer may decide that the cardholder needs to submit either their left middle fingerprint or theirright middle fingerprint.). Pursuant to some embodiments, the issuerdefines the level of biometric authentication required for atransaction. The issuer may also choose to use a combination ofdifferent types of biometrics, for example iris scan and fingerprint.

The transaction card 200 may store a number of different combinationsand types of biometric rules, as will be illustrated below. In oneembodiment, a biometric verification rules table may specify a singlebiometric rule and template (e.g., as shown below in TABLE 1).

TABLE 1 RULE BIT No. SUCCESS FAILURE RETRIES R1 B1 SUCCESS FAILED 4

In some embodiments, the transaction device 200 may store severalbiometric verification rules in the biometric rules table 214. Forexample, as shown in TABLE 2, two biometric information templates 218and rules are provided. As an example, the rules may be constructed suchthat if the first rule is failed (as discussed further below), then thesecond rule must be attempted to successfully verify the cardholder. Asa specific example, the first rule could apply a template (B1)representing the cardholder's left index finger fingerprint, while thesecond rule could apply a template (B2) representing the cardholder'sright index finger fingerprint. Successful verification of eithertemplate would result in verification of the cardholder using thisscheme.

TABLE 2 RULE BIT No. SUCCESS FAILURE RETRIES R1 B1 SUCCESS R2 3 R2 B2SUCCESS FAILED 3

In some embodiments, the biometric verification rules table 214 in atransaction device 200 may require that more than one biometric templatebe verified. As an example, as shown in TABLE 3, two biometricinformation templates may be provided, and the rules may specify thatboth templates must be matched for the verification to be successful.

TABLE 3 RULE BIT No. SUCCESS FAILURE RETRIES R1 B1 R2 FAILED 4 R2 B2SUCCESS FAILED 2

In some embodiments, biometric verification rules may be establishedwhich require that more than one, but not all, of the biometricinformation templates be matched for a successful verification. As anexample, shown in TABLE 4, four biometric information templates may beprovided, and the biometric verification rules table 214 may specifythat two out of the four templates must be matched for the verificationto be successful.

TABLE 4 RULE BIT No. SUCCESS FAILURE RETRIES R1 B1 R2 R3 4 R2 B2 SUCCESSR3 4 R3 B3 R4 FAILED 4 R4 B4 SUCCESS FAILED 4

The biometric information templates and biometric reference templatesmay be created using an industry standard format (e.g., such as ISOStandard 19092). The samples taken from the cardholder may be takenprior to, or in conjunction with a personalization process performed bythe issuer (or an agent of the issuer) during issuance of the card. Insome embodiments, the samples may be taken from the cardholder at alater time, and transmitted to, and stored in, a memory of thetransaction device 200.

Reference is now made to FIG. 3, which is a block diagram depicting atransaction system 300 configured pursuant to some embodiments. In atypical transaction environment involving cardholder verificationpursuant to the present invention, a transaction system 300 includes anumber of entities, including a transaction device 302 (e.g., such asthe transaction device 200 described above in conjunction with FIG. 2),a terminal device 304, a processing center 320, and an issuer 330. Thoseskilled in the art will appreciate that a system will include any numberof transaction devices 302, terminal devices 304, and issuers 330. Oneor more processing centers 320 may also be involved.

In embodiments in which features of the present invention are used toperform cardholder verification for payment card transactions, theterminal device 304 may be a point of sale terminal deployed, forexample, at a merchant or sales location, and used to facilitate thesales of goods or services. The terminal device 304 may be incommunication (either intermittently or on a regular basis) with one ormore processing centers 320 to authorize and transmit paymentinformation to issuers 330 to facilitate the clearing and settlement oftransactions. In some embodiments, the processing center 320 is orincludes a payment network (such as the network operated by MasterCardInternational Incorporated). Some or all of the systems or entities maybe in communication over networks such as the Internet, or private orsecure networks.

As shown, the terminal device 304 may include a number of components toallow interaction with a transaction device 302. For example, theterminal device 304 may include a card reader 306 (e.g., such as acontact or contactless reader), a biometric sensor 308 (e.g., such as afingerprint reader, an iris scanner, a signature reader, a handprintscanner, or the like), a program or application 310 (e.g., including,for example, an application to allow communication with transactiondevice 302), a processor 312 and an input/output device 314 (e.g., toallow communication with other devices including, for example, aprocessing center 320). Those skilled in the art will appreciate that awide range of different types of terminal devices 304 may be used. Forexample, a terminal device 304 may be a typical point-of-sale terminal,a terminal embedded or installed in a vending machine, a passport orother information device processing terminal, or the like.

Further detail regarding a verification process pursuant to someembodiments will now be provided by reference to FIG. 4, which is a flowdiagram depicting a verification process 400 pursuant to someembodiments. The verification process 400 may be performed by atransaction device (such as the device 200 of FIG. 2) in interactionwith a terminal device (such as the device 304 of FIG. 3) during atransaction. The process 400 may be performed after initialcommunications between a transaction device and a terminal device havebeen completed (e.g., after an initial handshake process has occurred).

Processing begins at 402 where, for example, an application stored inthe terminal device determines that biometric cardholder verificationprocessing is required. Processing continues at 404 where the terminaldevice reads a biometric information template (“BIT”) from thetransaction device. The selection of the BIT to be provided to theterminal device is, for example, determined by the biometricverification rules stored in the transaction device (e.g., in thebiometric verification rules table, such as table 214 of FIG. 2). Forexample, the transaction card may begin with the first biometricverification rule stored in the card, and cause the BIT associated withthe first biometric verification rule to be transmitted to the terminal.

The BIT specifies the nature of the biometric sample to be collected bythe terminal. Processing continues at 406 where the terminal collectsthe required biometric data. This may be performed, for example, bygenerating a prompt to the cardholder, instructing the cardholder topresent the required biometric feature for reading. If the BIT read at404, for example, requires a left index finger fingerprint, then theterminal may prompt the cardholder to present their left index fingerfingerprint to a fingerprint reader to collect the sample. If theterminal is unable to collect or read the required feature, processingcontinues to 410. If the terminal is able to collect the requiredfeature, processing continues at 408 as the terminal converts thesampled feature into a sample template (e.g., in accordance with astandard format such as the format specified by ISO Standard 19092) andtransmits the sampled data in a sample template to the transaction card.

At 408, the transaction card processes the sample template from theterminal by comparing the biometric reference template associated withthe current BIT to the sample template. Processing continues at 410where the transaction card applies the biometric verification rules inthe biometric verification rules table to the results of 408. If thesample template matches the biometric reference template, then thetransaction card application examines the “success” column of thebiometric verification rules table. If the “success” column indicatesthat another rule must be performed, then the application moves to thenew rule in the table, and the process returns to 404. If the “success”column indicates that the verification should be considered successfulbased on the BIT verification, then the transaction card returns a“SUCCESS” message to the terminal and verification is complete.

If the sample template does not match the biometric reference template,then the transaction device application examines the “retries” column ofthe rules table to determine whether the transaction should “FAIL” or ifa retry is available. If a retry is available, the retry counter isdecremented, and processing reverts to step 406, and the same BIT isapplied. If the retry counter has been exhausted, then the transactiondevice will examine the “failed” column of the biometric verificationrules table. If another rule is available and should be followed, thenthe transaction device will retrieve the next rule and it's associatedBIT and processing reverts to step 404. The process continues until afinal “SUCCESS” or “FAIL” is reached.

In the embodiments described above, a fixed mode of operation specifiedby the biometric verification rules table is followed, and all of thematching is determined by an application stored on the transactiondevice 200. In some embodiments, a transaction device may randomlychoose rules from the biometric verification rules table. In suchembodiments, the transaction device 200 may be configured withadditional parameters which define the number of rules which must bepassed for authentication to succeed and the maximum number of failedrules before authentication is considered to be a failure.

In this embodiment, the transaction device randomly selects rules fromthe biometric verification rules table. If verification is successfulthen the transaction device increments a success counter. If the countis equal to the number of successful verifications required then thetransaction device considers the authentication as successful. If moresuccesses are required then the transaction device picks another rule atrandom.

In the case of a failed verification, the transaction device incrementsa failed counter if the number of retries has been exhausted or theverification is skipped. If the failed count is greater than a maximumnumber of failures allowed then the transaction device considers theauthentication as failed. If more failures are allowed then thetransaction device selects another rule at random.

In a further embodiment, transaction devices may be deployed withoutbiometric reference data stored thereon (e.g., the cardholder'sbiometric reference data is not loaded onto the transaction device). Insuch embodiments, the transaction device may only store the biometricverification rules table. The biometric verification rules table may beread by the terminal during transactions and the terminal may use thedata from the table to directly perform the required authentications.

The above descriptions of processes herein should not be considered toimply a fixed order for performing the process steps. Rather, theprocess steps may be performed in any order that is practicable,including simultaneous performance of at least some steps.

Although the present invention has been described in connection withspecific exemplary embodiments, it should be understood that variouschanges, substitutions, and alterations apparent to those skilled in theart can be made to the disclosed embodiments without departing from thespirit and scope of the invention as set forth in the appended claims.

What is claimed is:
 1. A method comprising: storing, by a payment devicein a memory, a biometric rules table, a plurality of biometricinformation templates, and a plurality of biometric reference templatesprovided by an issuer financial institution, wherein the biometric rulestable comprises a plurality of rules, each of the plurality of biometricinformation templates specifies a biometric feature, and each of theplurality of biometric reference templates represents a digitalrepresentation of a physical feature of a cardholder associated with thepayment device; transmitting, by the payment device to a terminal deviceduring a payment transaction, a first biometric information templatebased on a first biometric rule of the biometric rules table; receiving,by the payment device from the terminal device, a first sample templateand information about the payment transaction; determining, by thepayment device, that the first sample template matches a first biometricreference template; determining, by the payment device that averification sequence applies to the payment transaction that requiressatisfaction of at least a second biometric rule of the biometric rulestable to verify an identity of the cardholder; transmitting, by thepayment device to the terminal device, a second biometric informationtemplate associated with the second biometric rule; receiving, by thepayment device from the terminal device, a second sample template;determining, by the payment device, that the second sample templatematches a second biometric reference template; and transmitting, by thepayment device to the terminal device, a verification status of thecardholder.
 2. The method of claim 1, wherein the verification sequencecomprises a plurality of verification rules, wherein each verificationrule comprises an associated action to be taken when verification issuccessful, and data identifying a number of retries to be taken whenverification is unsuccessful.
 3. The method of claim 2, wherein theverification sequence comprises a predetermined sequence of verificationrules specified by the issuer financial institution.
 4. The method ofclaim 2, wherein the verification sequence comprises a random sequenceof verification rules chosen from the biometric rules table by anapplication of the payment device.
 5. The method of claim 1, wherein theverification status of the cardholder comprises a success code, andfurther comprising receiving, by the payment device from the terminaldevice, a payment account information request.
 6. The method of claim 1,further comprising, prior to transmitting the first biometricinformation template: receiving, by the payment device from the issuerfinancial institution, an updated biometric rules table; and storing, bythe payment device, the updated biometric rules table in the memory. 7.The method of claim 1, further comprising, subsequent to receiving thefirst sample template from the terminal device: determining, by thepayment device, that the first sample template does not match the firstbiometric reference template; determining, by the payment device basedon the biometric rules table, that at least one retry is permitted; andretransmitting, by the payment device to the terminal device during thepayment transaction, the first biometric information template.
 8. Themethod of claim 7, further comprising, after determining that the firstsample template does not match the first biometric reference template:determining, by the payment device based on the biometric rules table,that a retry is not permitted; and transmitting, by the payment deviceto the terminal device, a failure code.
 9. The method of claim 1,further comprising, subsequent to determining that the first sampletemplate matches the first biometric reference template: determining, bythe payment device that the verification sequence for the paymenttransaction does not require satisfaction of a second biometric rule ofthe biometric rules table to verify the identity of the cardholder; andtransmitting, by the payment device to the terminal device, a successcode.
 10. The method of claim 1, further comprising, subsequent toreceiving the second sample template from the terminal device:determining, by the payment device, that the second sample template doesnot match the second biometric reference template; determining, by thepayment device based on the biometric rules table, that at least oneretry is permitted; and retransmitting, by the payment device to theterminal device during the payment transaction, the second biometricinformation template.
 11. The method of claim 10, further comprising,after determining that the second sample template does not match thesecond biometric reference template: determining, by the payment devicebased on the biometric rules table, that a retry is not permitted; andtransmitting, by the payment device to the terminal device, a failurecode.
 12. The method of claim 1, wherein the first biometric informationtemplate is associated with a first biometric feature that is differentfrom a second biometric feature associated with the second biometricinformation template.
 13. A payment device comprising: a processor; aninput/output device coupled to the processor; and a memory incommunication with the processor, the memory storing a biometric rulestable, a plurality of biometric information templates, a plurality ofbiometric reference templates, and a verification sequence required toverify an identity of a cardholder, wherein each of the plurality ofbiometric information templates specifies a biometric feature, and eachof the plurality of biometric reference templates represents a digitalrepresentation of a physical feature of the cardholder, wherein thememory also stores instructions configured to cause the processor to:transmit to a terminal device during a payment transaction, a firstbiometric information template based on a first biometric rule of thebiometric rules table; receive a first sample template from the terminaldevice and information about the payment transaction; determine that thefirst sample template matches a first biometric reference template;determine that the verification sequence for the payment transactionrequires satisfaction of at least a second biometric rule of thebiometric rules table to verify the identity of the cardholder; transmitto the terminal device, a second biometric information templateassociated with the second biometric rule; receive a second sampletemplate from the terminal device; determine that the second sampletemplate matches a second biometric reference template; and transmit averification status of the cardholder to the terminal device.
 14. Thepayment device of claim 13, the memory storing further instructionsconfigured to cause the processor, prior to transmitting the firstbiometric information template, to: receive an updated biometric rulestable from the issuer financial institution; and store the updatedbiometric rules table in the memory.
 15. The payment device of claim 13,the memory storing further instructions configured to cause theprocessor, subsequent to receiving the first sample template from theterminal device, to: determine that the first sample template does notmatch the first biometric reference template; determine, based on thebiometric rules table, that at least one retry is permitted; andretransmit the first biometric information template to the terminaldevice during the payment transaction.
 16. The payment device of claim15, the memory storing further instructions configured to cause theprocessor, subsequent to determining that the first sample template doesnot match the first biometric reference template, to: determine that aretry is not permitted; and transmit a failure code to the terminaldevice.
 17. The payment device of claim 13, the memory storing furtherinstructions configured to cause the processor, subsequent todetermining that the first sample template matches the first biometricreference template, to: determine that the verification sequence for thepayment transaction does not require satisfaction of a second biometricrule of the biometric rules table to verify the identity of thecardholder; and transmit a success code to the terminal device.
 18. Thepayment device of claim 13, the memory storing further instructionsconfigured to cause the processor, subsequent to receiving the secondsample template from the terminal device, to: determine that the secondsample template does not match the second biometric reference template;determine based on the biometric rules table, that at least one retry ispermitted; and retransmit the second biometric information template tothe terminal device during the payment transaction.
 19. The paymentdevice of claim 18, the memory storing further instructions configuredto cause the processor, after determining that the second sampletemplate does not match the second biometric reference template:determine that a retry is not permitted; and transmit a failure code tothe terminal device.